RHSA-2026:14020

Vulnerability from csaf_redhat - Published: 2026-05-06 11:39 - Updated: 2026-05-06 21:11
Summary
Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.5.7
Severity
Important
Notes
Topic: Release of components for the Service Telemetry Framework
Details: Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.

Security Fixes:
* pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID (CVE-2026-23490)
* Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking (CVE-2026-24049)
* Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* pyasn1 Vulnerable to Denial of Service via Unbounded Recursion (CVE-2026-30922)
* Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* Excessive resource consumption when printing error string for host certificate validation in crypto/x509 (CVE-2025-61729)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.

CWE-770 - Allocation of Resources Without Limits or Throttling
Vendor Fix: The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. https://access.redhat.com/errata/RHSA-2026:14020

A path traversal flaw has been discovered in the Python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Vendor Fix: The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. https://access.redhat.com/errata/RHSA-2026:14020
Workaround: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.

CWE-1286 - Improper Validation of Syntactic Correctness of Input
Vendor Fix: The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. https://access.redhat.com/errata/RHSA-2026:14020
Workaround: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

An unbounded recursion flaw has been discovered in the PyPI pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application.

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Vendor Fix: The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. https://access.redhat.com/errata/RHSA-2026:14020
Workaround: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.

CWE-770 - Allocation of Resources Without Limits or Throttling
Vendor Fix: The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. https://access.redhat.com/errata/RHSA-2026:14020
References
https://access.redhat.com/errata/RHSA-2026:14020 self
https://access.redhat.com/security/cve/CVE-2026-23490 external
https://access.redhat.com/security/cve/CVE-2026-24049 external
https://access.redhat.com/security/cve/CVE-2026-25679 external
https://access.redhat.com/security/cve/CVE-2026-30922 external
https://access.redhat.com/security/cve/CVE-2026-32280 external
https://access.redhat.com/security/updates/classi… external
https://catalog.redhat.com/software/containers/search external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2026-23490 self
https://bugzilla.redhat.com/show_bug.cgi?id=2430472 external
https://www.cve.org/CVERecord?id=CVE-2026-23490 external
https://nvd.nist.gov/vuln/detail/CVE-2026-23490 external
https://github.com/pyasn1/pyasn1/commit/3908f1442… external
https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2 external
https://github.com/pyasn1/pyasn1/security/advisor… external
https://access.redhat.com/security/cve/CVE-2026-24049 self
https://bugzilla.redhat.com/show_bug.cgi?id=2431959 external
https://www.cve.org/CVERecord?id=CVE-2026-24049 external
https://nvd.nist.gov/vuln/detail/CVE-2026-24049 external
https://github.com/pypa/wheel/commit/7a7d2de96b22… external
https://github.com/pypa/wheel/releases/tag/0.46.2 external
https://github.com/pypa/wheel/security/advisories… external
https://access.redhat.com/security/cve/CVE-2026-25679 self
https://bugzilla.redhat.com/show_bug.cgi?id=2445356 external
https://www.cve.org/CVERecord?id=CVE-2026-25679 external
https://nvd.nist.gov/vuln/detail/CVE-2026-25679 external
https://go.dev/cl/752180 external
https://go.dev/issue/77578 external
https://groups.google.com/g/golang-announce/c/Edh… external
https://pkg.go.dev/vuln/GO-2026-4601 external
https://access.redhat.com/security/cve/CVE-2026-30922 self
https://bugzilla.redhat.com/show_bug.cgi?id=2448553 external
https://www.cve.org/CVERecord?id=CVE-2026-30922 external
https://nvd.nist.gov/vuln/detail/CVE-2026-30922 external
https://github.com/pyasn1/pyasn1/commit/25ad481c1… external
https://github.com/pyasn1/pyasn1/security/advisor… external
https://access.redhat.com/security/cve/CVE-2026-32280 self
https://bugzilla.redhat.com/show_bug.cgi?id=2456339 external
https://www.cve.org/CVERecord?id=CVE-2026-32280 external
https://nvd.nist.gov/vuln/detail/CVE-2026-32280 external
https://go.dev/cl/758320 external
https://go.dev/issue/78282 external
https://groups.google.com/g/golang-announce/c/0uY… external
https://pkg.go.dev/vuln/GO-2026-4947 external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Release of components for the Service Telemetry Framework",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.\n\nSecurity Fixes:\n* pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID (CVE-2026-23490)\n* Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking (CVE-2026-24049)\n* Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n* pyasn1 Vulnerable to Denial of Service via Unbounded Recursion (CVE-2026-30922)\n* Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n* Excessive resource consumption when printing error string for host certificate validation in crypto/x509 (CVE-2025-61729)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:14020",
        "url": "https://access.redhat.com/errata/RHSA-2026:14020"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-23490",
        "url": "https://access.redhat.com/security/cve/CVE-2026-23490"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
        "url": "https://access.redhat.com/security/cve/CVE-2026-24049"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
        "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-30922",
        "url": "https://access.redhat.com/security/cve/CVE-2026-30922"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://catalog.redhat.com/software/containers/search",
        "url": "https://catalog.redhat.com/software/containers/search"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14020.json"
      }
    ],
    "title": "Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.5.7",
    "tracking": {
      "current_release_date": "2026-05-06T21:11:08+00:00",
      "generator": {
        "date": "2026-05-06T21:11:08+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.9"
        }
      },
      "id": "RHSA-2026:14020",
      "initial_release_date": "2026-05-06T11:39:14+00:00",
      "revision_history": [
        {
          "date": "2026-05-06T11:39:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-06T11:39:19+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-06T21:11:08+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenStack 1.5",
                "product": {
                  "name": "Red Hat OpenStack 1.5",
                  "product_id": "Red Hat OpenStack 1.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stf:1.5::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
                  "product_id": "registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-webhook-snmp-rhel9@sha256%3Af491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777452540"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
                  "product_id": "registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-operator-bundle@sha256%3A1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777453299"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
                  "product_id": "registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-rhel9-operator@sha256%3A6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777407251"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
                  "product_id": "registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-bridge-rhel9@sha256%3A58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777463768"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
                  "product_id": "registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-core-rhel9@sha256%3A73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777452570"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
                  "product_id": "registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-operator-bundle@sha256%3Afdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777464350"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64",
                "product": {
                  "name": "registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64",
                  "product_id": "registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-rhel9-operator@sha256%3A247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d?arch=amd64\u0026repository_url=registry.redhat.io/stf\u0026tag=1777436150"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64"
        },
        "product_reference": "registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64"
        },
        "product_reference": "registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64"
        },
        "product_reference": "registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64"
        },
        "product_reference": "registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64"
        },
        "product_reference": "registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64"
        },
        "product_reference": "registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64 as a component of Red Hat OpenStack 1.5",
          "product_id": "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        },
        "product_reference": "registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64",
        "relates_to_product_reference": "Red Hat OpenStack 1.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23490",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-01-16T20:03:33.790513+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2430472"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-23490"
        },
        {
          "category": "external",
          "summary": "RHBZ#2430472",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-23490",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970",
          "url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2",
          "url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq",
          "url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
        }
      ],
      "release_date": "2026-01-16T19:03:36.442000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-06T11:39:14+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container\nCatalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:14020"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID"
    },
    {
      "cve": "CVE-2026-24049",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2026-01-22T05:00:54.709179+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2431959"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal flaw has been discovered in the Python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24049"
        },
        {
          "category": "external",
          "summary": "RHBZ#2431959",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
          "url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
          "url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
          "url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
        }
      ],
      "release_date": "2026-01-22T04:02:08.706000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-06T11:39:14+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container\nCatalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:14020"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
    },
    {
      "cve": "CVE-2026-25679",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2026-03-06T22:02:11.567841+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445356"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445356",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/752180",
          "url": "https://go.dev/cl/752180"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77578",
          "url": "https://go.dev/issue/77578"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
          "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4601",
          "url": "https://pkg.go.dev/vuln/GO-2026-4601"
        }
      ],
      "release_date": "2026-03-06T21:28:14.211000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-06T11:39:14+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container\nCatalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:14020"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
    },
    {
      "cve": "CVE-2026-30922",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2026-03-18T04:02:45.401296+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448553"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An unbounded recursion flaw has been discovered in the PyPI pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448553",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448553"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-30922",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0",
          "url": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r",
          "url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r"
        }
      ],
      "release_date": "2026-03-18T02:29:45.857000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-06T11:39:14+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container\nCatalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:14020"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion"
    },
    {
      "cve": "CVE-2026-32280",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-08T02:01:19.572351+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
          "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758320",
          "url": "https://go.dev/cl/758320"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78282",
          "url": "https://go.dev/issue/78282"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4947",
          "url": "https://pkg.go.dev/vuln/GO-2026-4947"
        }
      ],
      "release_date": "2026-04-08T01:06:58.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-06T11:39:14+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container\nCatalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:14020"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/prometheus-webhook-snmp-rhel9@sha256:f491bfd1f9829050d5ca68786aa1bdf74f1ce6e030b7c1112cc68b3858d83b88_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-operator-bundle@sha256:1abefb6eb3d624f2b9b827f31ecae69a2c84e50a2fe91be81d01d6c2b4ec766b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/service-telemetry-rhel9-operator@sha256:6a9a6329f33c56bd44d760fa0d80a6c34b6a5d5942cf5a32b46e49899f546483_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-bridge-rhel9@sha256:58085c6b3136a28e803409d7203486650b276f2c7aaf124936b0166738a11f8b_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/sg-core-rhel9@sha256:73bbc51fe49e965907f35d7176759235bff876032e40616366093ead21372c71_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-operator-bundle@sha256:fdff297b0f11bac06d6e4d82e1dc8724ab42f0be6a0fdcbc5cd6c80c7bc7bffe_amd64",
            "Red Hat OpenStack 1.5:registry.redhat.io/stf/smart-gateway-rhel9-operator@sha256:247fd48abbb8862bff7aa76d742a8edcbb4bc0cef35b5624c458a502cd709a8d_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
    }
  ]
}


